Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.8

    LOW
    CVE-2020-27351

    Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prior to 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0 versions ... Read more

    • EPSS Score: %0.06
    • Published: Dec. 10, 2020
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2012-1743

    Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround.... Read more

    Affected Products : industry_applications
    • EPSS Score: %0.40
    • Published: Jul. 17, 2012
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2024-42186

    BigFix Patch Download Plug-ins are affected by an insecure protocol support. The application can allow improper handling of SSL certificates validation.... Read more

    Affected Products :
    • Published: Jan. 23, 2025
    • Modified: Jan. 23, 2025
    • Vuln Type: Misconfiguration

  • 2.8

    LOW
    CVE-2024-0080

    NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. ... Read more

    Affected Products :
    • Published: Apr. 05, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2015-2566

    Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.... Read more

    • EPSS Score: %0.94
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2015-7494

    A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domai... Read more

    • EPSS Score: %0.09
    • Published: Feb. 08, 2017
    • Modified: Apr. 20, 2025

  • 2.8

    LOW
    CVE-2024-29210

    A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for Outlook (PAB), specifically within its configuration management functionalities. This vulnerability allows a regular user to modify the application's configurat... Read more

    Affected Products :
    • Published: May. 07, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2024-3480

    An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data.... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2025-44021

    OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can provide a path to any local file (readable by ironic-conduc... Read more

    Affected Products : ironic
    • Published: May. 08, 2025
    • Modified: May. 12, 2025
    • Vuln Type: Path Traversal

  • 2.8

    LOW
    CVE-2022-4134

    A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.... Read more

    Affected Products : openstack glance glance
    • EPSS Score: %0.09
    • Published: Mar. 06, 2023
    • Modified: Mar. 06, 2025

  • 2.8

    LOW
    CVE-2022-20327

    In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.... Read more

    Affected Products : android
    • EPSS Score: %0.01
    • Published: Aug. 12, 2022
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2023-41817

    An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2011-3520

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49, 8.50, and 8.51 allows remote authenticated users to affect integrity via unknown vectors related to Personalization.... Read more

    • EPSS Score: %0.28
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 2.8

    LOW
    CVE-2024-3479

    An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data.... Read more

    Affected Products :
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2016-4511

    ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file.... Read more

    Affected Products : pcm600
    • EPSS Score: %0.05
    • Published: Jun. 10, 2016
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2015-0511

    Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.... Read more

    Affected Products : mysql
    • EPSS Score: %0.43
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2023-3674

    A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as ... Read more

    Affected Products : enterprise_linux fedora keylime
    • EPSS Score: %0.02
    • Published: Jul. 19, 2023
    • Modified: Nov. 21, 2024

  • 2.8

    LOW
    CVE-2025-24324

    Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Authentication

  • 2.8

    LOW
    CVE-2016-0607

    Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.... Read more

    • EPSS Score: %0.83
    • Published: Jan. 21, 2016
    • Modified: Apr. 12, 2025

  • 2.8

    LOW
    CVE-2019-2850

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • EPSS Score: %0.17
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291672 Results